package com.jimet.server;
import javax.crypto.SecretKey;
import javax.servlet.http.*;
import com.jimet.security.AES;
import com.jimet.security.JimetLoginAuthenticator;
import com.jimet.security.MD5;
import com.jimet.user.JimetUser;

public class JimetServer {
	
	/**
	 *  Pre-Configured authentication type.
	 */

	
	/**
	 * Constructor
	 */
	public JimetServer() {
		super();
	}

		
	/** opens a new session by using the pre-configured AuthenticationType
	 * @param username - the username
	 * @param password - the password in cleartext
	 * @param authenticationType - JimetAuthenticationType int
	 * @param request - HTTPServletRequest object of the client making the request
	 * @return the user ID
	 * @throws Exception
	 */
	public String openSession(String username, String password, HttpServletRequest request) throws Exception
	{
		JimetServerUser juser 	= null;
		password 				= MD5.hash(password);
		String hexToken			= ""; 
		String shortToken		= "";
		String userID 			= "";
		int intUserId 			= 0;
		
		try
		{
			userID = JimetLoginAuthenticator.authenticate(username, password);
		}
		catch(Exception ex)
		{
			throw new JimetLoginException(ex.getMessage());
		}

		
		if(userID.length()> 0) 
			intUserId = Integer.parseInt(userID);

		if(userID.equals("-1")) 
			return "-1";
		
		juser = new JimetServerUser(intUserId);

		if(intUserId > 0)
		{ 
			JimetUser tmpUser	= new JimetUser();
			tmpUser.load(intUserId);
			if (!juser.isAuthorized("USER_LOGIN"))
			{
				logAnonymousAction(request,"FAILED_LOGIN","USERNAME="+username);
				shortToken = "-2";
			}
			else
			{
				juser.setUsername(username);
				juser.setRemoteHost(request.getRemoteHost());
				HttpSession session = request.getSession();

				JimetSession js 	= (JimetSession) session.getAttribute("JimSession"); 
				SecretKey skey 		= AES.generateSecretKey();
				hexToken 			= js.initialize(skey,juser,request);
				shortToken			= js.getTokenKey();
				session.setAttribute(shortToken, hexToken);
				juser.logAction("LOGIN");

			}
		}
		else
			logAnonymousAction(request,"FAILED_LOGIN","USERNAME="+username);
		
		return shortToken;
	}
		
	/** Logs anonymous action with the user id -1 and the remote host ip,
	 * besides it logs the action date, too.
	 * @param request - request of the client.
	 * @param actionID - id of the action defined in the JimetSupervision Module
	 * @throws Exception
	 */
	public synchronized void logAnonymousAction(HttpServletRequest request, int actionID) throws Exception
	{
		JimetSupervisorDB jsdb = new JimetSupervisorDB();
		jsdb.insertAction(-1,request.getRemoteHost(),actionID,"");
		jsdb.disconnect();
	}

	/** Logs anonymous action with the user id -1 and the remote host ip,
	 * besides it logs the action date, too.
	 * @param request - request of the client.
	 * @param actionID - id of the action defined in the JimetSupervision Module
	 * @param actionParams - parameter to log besides the actionID.
	 * @throws Exception
	 */
	public synchronized void logAnonymousAction(HttpServletRequest request, int actionID,String actionParams) throws Exception
	{
		JimetSupervisorDB jsdb = new JimetSupervisorDB();
		jsdb.insertAction(-1,request.getRemoteHost(),actionID,actionParams);
		jsdb.disconnect();
	}

	
	/** Logs anonymous action with the user id -1 and the remote host ip,
	 * besides it logs the action date, too.
	 * @param request - request of the client.
	 * @param shortCode - short code of the action defined in the JimetSuperVision Module.
	 * @throws Exception
	 */
	public synchronized void logAnonymousAction(HttpServletRequest request, String shortCode) throws Exception
	{
		JimetSupervisorDB jsdb = new JimetSupervisorDB();
		int actionID = jsdb.getActionID(shortCode);
		jsdb.insertAction(-1,request.getRemoteHost(),actionID,"");
		jsdb.disconnect();
	}

	
	/** Logs anonymous action with the user id -1 and the remote host ip,
	 * besides it logs the action date, too.
	 * @param request - request of the client.
	 * @param shortCode - short code of the action defined in the JimetSuperVision Module.
	 * @param actionParams - parameter to log besides the actionID.
	 * @throws Exception
	 */
	public synchronized void logAnonymousAction(HttpServletRequest request, String shortCode,String actionParams) throws Exception
	{
		JimetSupervisorDB jsdb = new JimetSupervisorDB();
		int actionID = jsdb.getActionID(shortCode);
		jsdb.insertAction(-1,request.getRemoteHost(),actionID,actionParams);
		jsdb.disconnect();
	}	
}
